Commit Graph

721996 Commits

Author SHA1 Message Date
Mika Westerberg 540c11159d net: thunderbolt: Stop using zero to mean no valid DMA mapping
Commit 86dabda426 ("net: thunderbolt: Clear finished Tx frame bus
address in tbnet_tx_callback()") fixed a DMA-API violation where the
driver called dma_unmap_page() in tbnet_free_buffers() for a bus address
that might already be unmapped. The fix was to zero out the bus address
of a frame in tbnet_tx_callback().

However, as pointed out by David Miller, zero might well be valid
mapping (at least in theory) so it is not good idea to use it here.

It turns out that we don't need the whole map/unmap dance for Tx buffers
at all. Instead we can map the buffers when they are initially allocated
and unmap them when the interface is brought down. In between we just
DMA sync the buffers for the CPU or device as needed.

Signed-off-by: Mika Westerberg <mika.westerberg@linux.intel.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2017-11-25 23:56:02 +09:00
Sunil Goutham fa6d7cb5d7 net: thunderx: Fix TCP/UDP checksum offload for IPv6 pkts
Don't offload IP header checksum to NIC.

This fixes a previous patch which enabled checksum offloading
for both IPv4 and IPv6 packets.  So L3 checksum offload was
getting enabled for IPv6 pkts.  And HW is dropping these pkts
as it assumes the pkt is IPv4 when IP csum offload is set
in the SQ descriptor.

Fixes:  3a9024f52c ("net: thunderx: Enable TSO and checksum offloads for ipv6")
Signed-off-by: Sunil Goutham <sgoutham@cavium.com>
Signed-off-by: Aleksey Makarov <aleksey.makarov@auriga.com>
Reviewed-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2017-11-25 23:54:32 +09:00
Linus Torvalds 7753ea0964 Trimmed second batch of KVM changes for Linux 4.15
* GICv4 Support for KVM/ARM
 
 All ARM patches were in next-20171113.  I have postponed most x86 fixes
 to 4.15-rc2 and UMIP to 4.16, but there are fixes that would be good to
 have already in 4.15-rc1:
 
 * re-introduce support for CPUs without virtual NMI (cc stable)
   and allow testing of KVM without virtual NMI on available CPUs
 
 * fix long-standing performance issues with assigned devices on AMD
   (cc stable)
 -----BEGIN PGP SIGNATURE-----
 
 iQEcBAABCAAGBQJaGECGAAoJEED/6hsPKofoT08H/AuaMi8qprw2BNpVBbQxWRWM
 O4WPk7yz1zB4SkdRNrPzCMBy+qoK7FcV/3BpsFPuQS4NHQ+GvQ87N/7tUbouVyl6
 CuPGJMCnNzMQ8GvLOJgB1/sz+uW5W/ph3y8kv1UP3/hNCZU4fqukoUeLroOH/wr6
 N3bSY8bok7ycdpgybHmbUHY0Yk4IUk3m0RXWY9U5Jl3sjoNEwCw3pWdrq9Swfs/6
 W8QJRdE4Z6KHPqW5sRnPj24IpoUpCxu+IT+gPuGlDUCN/h3sfhYvMS6GgDrCjiiZ
 2z1TwaIAo+wGjlBQzGmyTUjUPjbGew+f3ixBlf2BtmNutX+tX2qsVfl1NKXYTto=
 =GGge
 -----END PGP SIGNATURE-----

Merge tag 'kvm-4.15-2' of git://git.kernel.org/pub/scm/virt/kvm/kvm

Pull KVM updates from Radim Krčmář:
 "Trimmed second batch of KVM changes for Linux 4.15:

   - GICv4 Support for KVM/ARM

   - re-introduce support for CPUs without virtual NMI (cc stable) and
     allow testing of KVM without virtual NMI on available CPUs

   - fix long-standing performance issues with assigned devices on AMD
     (cc stable)"

* tag 'kvm-4.15-2' of git://git.kernel.org/pub/scm/virt/kvm/kvm: (30 commits)
  kvm: vmx: Allow disabling virtual NMI support
  kvm: vmx: Reinstate support for CPUs without virtual NMI
  KVM: SVM: obey guest PAT
  KVM: arm/arm64: Don't queue VLPIs on INV/INVALL
  KVM: arm/arm64: Fix GICv4 ITS initialization issues
  KVM: arm/arm64: GICv4: Theory of operations
  KVM: arm/arm64: GICv4: Enable VLPI support
  KVM: arm/arm64: GICv4: Prevent userspace from changing doorbell affinity
  KVM: arm/arm64: GICv4: Prevent a VM using GICv4 from being saved
  KVM: arm/arm64: GICv4: Enable virtual cpuif if VLPIs can be delivered
  KVM: arm/arm64: GICv4: Hook vPE scheduling into vgic flush/sync
  KVM: arm/arm64: GICv4: Use the doorbell interrupt as an unblocking source
  KVM: arm/arm64: GICv4: Add doorbell interrupt handling
  KVM: arm/arm64: GICv4: Use pending_last as a scheduling hint
  KVM: arm/arm64: GICv4: Handle INVALL applied to a vPE
  KVM: arm/arm64: GICv4: Propagate property updates to VLPIs
  KVM: arm/arm64: GICv4: Handle MOVALL applied to a vPE
  KVM: arm/arm64: GICv4: Handle CLEAR applied to a VLPI
  KVM: arm/arm64: GICv4: Propagate affinity changes to the physical ITS
  KVM: arm/arm64: GICv4: Unmap VLPI when freeing an LPI
  ...
2017-11-24 19:44:25 -10:00
Linus Torvalds 83ada03196 powerpc fixes for 4.15 #2
A small batch of fixes, about 50% tagged for stable and the rest for recently
 merged code.
 
 There's one more fix for the >128T handling on hash. Once a process had
 requested a single mmap above 128T we would then always search above 128T. The
 correct behaviour is to consider the hint address in isolation for each mmap
 request.
 
 Then a couple of fixes for the IMC PMU, a missing EXPORT_SYMBOL in VAS, a fix
 for STRICT_KERNEL_RWX on 32-bit, and a fix to correctly identify P9 DD2.1 but in
 code that is currently not used by default.
 
 Thanks to:
   Aneesh Kumar K.V, Christophe Leroy, Madhavan Srinivasan, Sukadev Bhattiprolu.
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQIcBAABAgAGBQJaF/VqAAoJEFHr6jzI4aWA994P/3NNXkSASJHjLrIlQAKXtmx9
 lrv1v+6MbPWhyB8Q8LVnnC3Ab2LTHnkccjq2Jw0bP0RQ86HF4mH7Sb7N5Wj0cG+M
 5NioikvGE057ncLfxVhesOK0C9Lhc7Zb+zphXZliYP76IGxwbxorJRepeZctVkyO
 KPMv4eaImdblVn71aoQQSlepON4+/rtiW2yo5u98uCqR+Ttds4J1fiDZ4TNrBYRP
 Ilh6DmA//CWvN+KsGT+brRd/PjEkxQKHyS8px3lxRl4cwCJucXPCik/Gn9t6OiMw
 3S6y1Mu8nrh4z+YepKv6APvl2DEwwXn8w9f85kn+QiE9Qp3Z/wckW9/4LT5FeuKE
 L8E3dKq2NzJ9oDs/20sVbBvVR7CUvBoyWytsXVkmmlC6sVReTrYAJ1UP9HnNvcF6
 be4zYUKusU83uG6saGgchRrPUrD31XKXw8Piv9EoWo1Uz7VgWCkxidclRNocgeDO
 k5VxYnRd9jPsv2pCzXH2YmuQAypGUh12IPTxEOnSt5uzXSXcamZJBLKp5fAJ/9dl
 jD6GlRQMX8JpNRJzxOBLly3CmwQBw2ekOuPLXI+M/ilks66AGK8lp4bg5cWwDGNe
 puzmRJ2mO3dnFlVUHBQ5LyX8ne4yunin1JZB1YQ4xm8yxZbGO2AdypEWMSkPKNPN
 fkrGPlwQ1JwFheMbHHLj
 =gv70
 -----END PGP SIGNATURE-----

Merge tag 'powerpc-4.15-2' of git://git.kernel.org/pub/scm/linux/kernel/git/powerpc/linux

Pull powerpc fixes from Michael Ellerman:
 "A small batch of fixes, about 50% tagged for stable and the rest for
  recently merged code.

  There's one more fix for the >128T handling on hash. Once a process
  had requested a single mmap above 128T we would then always search
  above 128T. The correct behaviour is to consider the hint address in
  isolation for each mmap request.

  Then a couple of fixes for the IMC PMU, a missing EXPORT_SYMBOL in
  VAS, a fix for STRICT_KERNEL_RWX on 32-bit, and a fix to correctly
  identify P9 DD2.1 but in code that is currently not used by default.

  Thanks to: Aneesh Kumar K.V, Christophe Leroy, Madhavan Srinivasan,
  Sukadev Bhattiprolu"

* tag 'powerpc-4.15-2' of git://git.kernel.org/pub/scm/linux/kernel/git/powerpc/linux:
  powerpc/64s: Fix Power9 DD2.1 logic in DT CPU features
  powerpc/perf: Fix IMC_MAX_PMU macro
  powerpc/perf: Fix pmu_count to count only nest imc pmus
  powerpc: Fix boot on BOOK3S_32 with CONFIG_STRICT_KERNEL_RWX
  powerpc/perf/imc: Use cpu_to_node() not topology_physical_package_id()
  powerpc/vas: Export chip_to_vas_id()
  powerpc/64s/slice: Use addr limit when computing slice mask
2017-11-24 19:40:12 -10:00
Linus Torvalds eda5d47134 Merge branch 'for-next' of git://git.kernel.org/pub/scm/linux/kernel/git/nab/target-pending
Pull SCSI target updates from Nicholas Bellinger:

 "This series is predominantly bug-fixes, with a few small improvements
  that have been outstanding over the last release cycle.

  As usual, the associated bug-fixes have CC' tags for stable.

  Also, things have been particularly quiet wrt new developments the
  last months, with most folks continuing to focus on stability atop 4.x
  stable kernels for their respective production configurations.

  Also at this point, the stable trees have been synced up with
  mainline. This will continue to be a priority, as production users
  tend to run exclusively atop stable kernels, a few releases behind
  mainline.

  The highlights include:

   - Fix PR PREEMPT_AND_ABORT null pointer dereference regression in
     v4.11+ (tangwenji)

   - Fix OOPs during removing TCMU device (Xiubo Li + Zhang Zhuoyu)

   - Add netlink command reply supported option for each device (Kenjiro
     Nakayama)

   - cxgbit: Abort the TCP connection in case of data out timeout (Varun
     Prakash)

   - Fix PR/ALUA file path truncation (David Disseldorp)

   - Fix double se_cmd completion during ->cmd_time_out (Mike Christie)

   - Fix QUEUE_FULL + SCSI task attribute handling in 4.1+ (Bryant Ly +
     nab)

   - Fix quiese during transport_write_pending_qf endless loop (nab)

   - Avoid early CMD_T_PRE_EXECUTE failures during ABORT_TASK in 3.14+
     (Don White + nab)"

* 'for-next' of git://git.kernel.org/pub/scm/linux/kernel/git/nab/target-pending: (35 commits)
  tcmu: Add a missing unlock on an error path
  tcmu: Fix some memory corruption
  iscsi-target: Fix non-immediate TMR reference leak
  iscsi-target: Make TASK_REASSIGN use proper se_cmd->cmd_kref
  target: Avoid early CMD_T_PRE_EXECUTE failures during ABORT_TASK
  target: Fix quiese during transport_write_pending_qf endless loop
  target: Fix caw_sem leak in transport_generic_request_failure
  target: Fix QUEUE_FULL + SCSI task attribute handling
  iSCSI-target: Use common error handling code in iscsi_decode_text_input()
  target/iscsi: Detect conn_cmd_list corruption early
  target/iscsi: Fix a race condition in iscsit_add_reject_from_cmd()
  target/iscsi: Modify iscsit_do_crypto_hash_buf() prototype
  target/iscsi: Fix endianness in an error message
  target/iscsi: Use min() in iscsit_dump_data_payload() instead of open-coding it
  target/iscsi: Define OFFLOAD_BUF_SIZE once
  target: Inline transport_put_cmd()
  target: Suppress gcc 7 fallthrough warnings
  target: Move a declaration of a global variable into a header file
  tcmu: fix double se_cmd completion
  target: return SAM_STAT_TASK_SET_FULL for TCM_OUT_OF_RESOURCES
  ...
2017-11-24 19:19:20 -10:00
Ondrej Mosnáček c14ca83865 crypto: skcipher - Fix skcipher_walk_aead_common
The skcipher_walk_aead_common function calls scatterwalk_copychunks on
the input and output walks to skip the associated data. If the AD end
at an SG list entry boundary, then after these calls the walks will
still be pointing to the end of the skipped region.

These offsets are later checked for alignment in skcipher_walk_next,
so the skcipher_walk may detect the alignment incorrectly.

This patch fixes it by calling scatterwalk_done after the copychunks
calls to ensure that the offsets refer to the right SG list entry.

Fixes: b286d8b1a6 ("crypto: skcipher - Add skcipher walk interface")
Cc: <stable@vger.kernel.org>
Signed-off-by: Ondrej Mosnacek <omosnacek@gmail.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-11-25 08:08:52 +08:00
Johannes Berg 01a95b2141 cfg80211: select CRYPTO_SHA256 if needed
When regulatory database certificates are built-in, they're
currently using the SHA256 digest algorithm, so add that to
the build in that case.

Also add a note that for custom certificates, one may need
to add the right algorithms.

Reported-by: Florian Fainelli <f.fainelli@gmail.com>
Tested-by: Florian Fainelli <f.fainelli@gmail.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2017-11-24 22:18:37 +01:00
Zhu Yanjun ca43a0c73d forcedeth: replace pci_unmap_page with dma_unmap_page
The function pci_unmap_page is obsolete. So it is replaced with
the function dma_unmap_page.

CC: Srinivas Eeda <srinivas.eeda@oracle.com>
CC: Joe Jin <joe.jin@oracle.com>
CC: Junxiao Bi <junxiao.bi@oracle.com>
Signed-off-by: Zhu Yanjun <yanjun.zhu@oracle.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2017-11-25 05:08:53 +09:00
David S. Miller 5f109b94fb RxRPC fixes
-----BEGIN PGP SIGNATURE-----
 
 iQIVAwUAWhfyR/Sw1s6N8H32AQITwA//YY35HFqAiox+QiUJAeW0E/KZGwcGHzW9
 KTdofOzwNQzrpWD4tcjeYHxccmO/qD8kQssMcfJlPpknAXE4bPg4OC50PoAEc3Xm
 UTurZ2dT0T8lK/wzfouYFdVfS1Pvd4tLlQ2HZC4DarJNSD1O37NLVPkbkrgfpwMx
 pekNUi6nDt7KTcpX2ysRJbYJJ8QrRmGIW1Jk+rtZYhgxGF7RwLGzCttl1RxMemAw
 ecilmlCYvaiawyJkhd03rAY6U76SMq/lH/Pq8XhRZjlVD/NzdGr7RaTxkISv713W
 q7Xk7kIf71OJNlHoAXa/J+4GbUDJBO0SFermD15MFJZ/mKCfSPsqKxSXFXti3CBj
 bgotkD2txkmToLKxiETB57JzEtqH8nr7aWVAccHP4n+EKUA0iNo7tgWi9e0jW0eX
 OxlEA9dfS+gQkGp7uwnxyWmBwCyEIUAu7smUWo4eEqsw6Kq4je6vxth5f++FlcSF
 mKuNm85l9BYUVKqGSvKnHvH8fZSoURzNqvovcj/tF8JJL90WXWt9hoWFt8WpqERj
 erPU+viMgKaA+iB/ZKKLlcoMt6xaOanXfQFNzFjcfq0Y0jfrWna8lFF5KeCV1W1j
 1HKTWwPQypy2v3JTkjpGGqY4zYZc7Y0heN8msVNg7MR9MeurKrXu2Kv113PzA6Cc
 pmTwehqC7hU=
 =Rakt
 -----END PGP SIGNATURE-----

Merge tag 'rxrpc-fixes-20171124' of git://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs

David Howells says:

====================
rxrpc: Fixes and improvements

Here's a set of patches that fix and improve some stuff in the AF_RXRPC
protocol:

The patches are:

 (1) Unlock mutex returned by rxrpc_accept_call().

 (2) Don't set connection upgrade by default.

 (3) Differentiate the call->user_mutex used by the kernel from that used
     by userspace calling sendmsg() to avoid lockdep warnings.

 (4) Delay terminal ACK transmission to a work queue so that it can be
     replaced by the next call if there is one.

 (5) Split the call parameters from the connection parameters so that more
     call-specific parameters can be passed through.

 (6) Fix the call timeouts to work the same as for other RxRPC/AFS
     implementations.

 (7) Don't transmit DELAY ACKs immediately, but instead delay them slightly
     so that can be discarded or can represent more packets.

 (8) Use RTT to calculate certain protocol timeouts.

 (9) Add a timeout to detect lost ACK/DATA packets.

(10) Add a keepalive function so that we ping the peer if we haven't
     transmitted for a short while, thereby keeping intervening firewall
     routes open.

(11) Make service endpoints expire like they're supposed to so that the UDP
     port can be reused.

(12) Fix connection expiry timers to make cleanup happen in a more timely
     fashion.
====================

Signed-off-by: David S. Miller <davem@davemloft.net>
2017-11-25 05:07:17 +09:00
Kees Cook 54b8a2306b m68k/macboing: Fix missed timer callback assignment
This fixes a missed function prototype callback from the timer conversions.

Reported-by: kbuild test robot <fengguang.wu@intel.com>
Signed-off-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Link: https://lkml.kernel.org/r/20171123221902.GA75727@beast
2017-11-24 16:19:40 +01:00
Colin Ian King 43dd388b21 afs: remove redundant assignment of dvnode to itself
The assignment of dvnode to itself is redundant and can be removed.
Cleans up warning detected by cppcheck:

fs/afs/dir.c:975: (warning) Redundant assignment of 'dvnode' to itself.

Fixes: d2ddc776a4 ("afs: Overhaul volume and server record caching and fileserver rotation")
Signed-off-by: Colin Ian King <colin.king@canonical.com>
Signed-off-by: David Howells <dhowells@redhat.com>
2017-11-24 13:55:46 +00:00
Gustavo A. R. Silva 6832795164 afs: cell: Remove unnecessary code in afs_lookup_cell
Due to recent changes this piece of code is no longer needed.

Addresses-Coverity-ID: 1462033
Link: https://lkml.kernel.org/r/4923.1510957307@warthog.procyon.org.uk
Signed-off-by: Gustavo A. R. Silva <garsilva@embeddedor.com>
Signed-off-by: David Howells <dhowells@redhat.com>
2017-11-24 13:55:45 +00:00
David Howells 4433b69141 afs: Fix signal handling in some file ops
afs_mkdir(), afs_create(), afs_link() and afs_symlink() all need to drop
the target dentry if a signal causes the operation to be killed immediately
before we try to contact the server.

Signed-off-by: David Howells <dhowells@redhat.com>
2017-11-24 13:55:35 +00:00
David Howells bc1527dcb4 afs: Fix some dentry handling in dir ops and missing key_puts
Fix some of dentry handling in AFS directory ops:

 (1) Do d_drop() on the new_dentry before assigning a new inode to it in
     afs_vnode_new_inode().  It's fine to do this before calling afs_iget()
     because the operation has taken place on the server.

 (2) Replace d_instantiate()/d_rehash() with d_add().

 (3) Don't d_drop() the new_dentry in afs_rename() on error.

Also fix afs_link() and afs_rename() to call key_put() on all error paths
where the key is taken.

Signed-off-by: David Howells <dhowells@redhat.com>
2017-11-24 10:56:51 +00:00
David Howells 5a039c3227 afs: Make afs_write_begin() avoid writing to a page that's being stored
Make afs_write_begin() wait for a page that's marked PG_writeback because:

 (1) We need to avoid interference with the data being stored so that the
     data on the server ends up in a defined state.

 (2) page->private is used to track the window of dirty data within a page,
     but it's also used by the storage code to track what's being written,
     being cleared by the completion notification.  Ownership can't be
     relinquished by the storage code until completion because it a store
     fails, the data must be remarked dirty.

Tracing shows something like the following (edited):

 x86_64-linux-gn-15940 [1] afs_page_dirty: vn=ffff8800bef33800 9c75 begin 0-125
    kworker/u8:3-114   [2] afs_page_dirty: vn=ffff8800bef33800 9c75 store+ 0-125
 x86_64-linux-gn-15940 [1] afs_page_dirty: vn=ffff8800bef33800 9c75 begin 0-2052
    kworker/u8:3-114   [2] afs_page_dirty: vn=ffff8800bef33800 9c75 clear 0-2052
    kworker/u8:3-114   [2] afs_page_dirty: vn=ffff8800bef33800 9c75 store 0-0
    kworker/u8:3-114   [2] afs_page_dirty: vn=ffff8800bef33800 9c75 WARN 0-0

The clear (completion) corresponding to the store+ (store continuation from
a previous page) happens between the second begin (afs_write_begin) and the
store corresponding to that.  This results in the second store not seeing
any data to write back, leading to the following warning:

WARNING: CPU: 2 PID: 114 at ../fs/afs/write.c:403 afs_write_back_from_locked_page+0x19d/0x76c [kafs]
Modules linked in: kafs(E)
CPU: 2 PID: 114 Comm: kworker/u8:3 Tainted: G            E   4.14.0-fscache+ #242
Hardware name: ASUS All Series/H97-PLUS, BIOS 2306 10/09/2014
Workqueue: writeback wb_workfn (flush-afs-2)
task: ffff8800cad72600 task.stack: ffff8800cad44000
RIP: 0010:afs_write_back_from_locked_page+0x19d/0x76c [kafs]
RSP: 0018:ffff8800cad47aa0 EFLAGS: 00010246
RAX: 0000000000000001 RBX: ffff8800bef33a20 RCX: 0000000000000000
RDX: 000000000000000f RSI: ffffffff81c5d0e0 RDI: ffff8800cad72e78
RBP: ffff8800d31ea1e8 R08: ffff8800c1358000 R09: ffff8800ca00e400
R10: ffff8800cad47a38 R11: ffff8800c5d9e400 R12: 0000000000000000
R13: ffffea0002d9df00 R14: ffffffffa0023c1c R15: 0000000000007fdf
FS:  0000000000000000(0000) GS:ffff8800ca700000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f85ac6c4000 CR3: 0000000001c10001 CR4: 00000000001606e0
Call Trace:
 ? clear_page_dirty_for_io+0x23a/0x267
 afs_writepages_region+0x1be/0x286 [kafs]
 afs_writepages+0x60/0x127 [kafs]
 do_writepages+0x36/0x70
 __writeback_single_inode+0x12f/0x635
 writeback_sb_inodes+0x2cc/0x452
 __writeback_inodes_wb+0x68/0x9f
 wb_writeback+0x208/0x470
 ? wb_workfn+0x22b/0x565
 wb_workfn+0x22b/0x565
 ? worker_thread+0x230/0x2ac
 process_one_work+0x2cc/0x517
 ? worker_thread+0x230/0x2ac
 worker_thread+0x1d4/0x2ac
 ? rescuer_thread+0x29b/0x29b
 kthread+0x15d/0x165
 ? kthread_create_on_node+0x3f/0x3f
 ? call_usermodehelper_exec_async+0x118/0x11f
 ret_from_fork+0x24/0x30

Signed-off-by: David Howells <dhowells@redhat.com>
2017-11-24 10:56:51 +00:00
David Howells 3d18cbb7fd rxrpc: Fix conn expiry timers
Fix the rxrpc connection expiry timers so that connections for closed
AF_RXRPC sockets get deleted in a more timely fashion, freeing up the
transport UDP port much more quickly.

 (1) Replace the delayed work items with work items plus timers so that
     timer_reduce() can be used to shorten them and so that the timer
     doesn't requeue the work item if the net namespace is dead.

 (2) Don't use queue_delayed_work() as that won't alter the timeout if the
     timer is already running.

 (3) Don't rearm the timers if the network namespace is dead.

Signed-off-by: David Howells <dhowells@redhat.com>
2017-11-24 10:18:42 +00:00
David Howells f859ab6187 rxrpc: Fix service endpoint expiry
RxRPC service endpoints expire like they're supposed to by the following
means:

 (1) Mark dead rxrpc_net structs (with ->live) rather than twiddling the
     global service conn timeout, otherwise the first rxrpc_net struct to
     die will cause connections on all others to expire immediately from
     then on.

 (2) Mark local service endpoints for which the socket has been closed
     (->service_closed) so that the expiration timeout can be much
     shortened for service and client connections going through that
     endpoint.

 (3) rxrpc_put_service_conn() needs to schedule the reaper when the usage
     count reaches 1, not 0, as idle conns have a 1 count.

 (4) The accumulator for the earliest time we might want to schedule for
     should be initialised to jiffies + MAX_JIFFY_OFFSET, not ULONG_MAX as
     the comparison functions use signed arithmetic.

 (5) Simplify the expiration handling, adding the expiration value to the
     idle timestamp each time rather than keeping track of the time in the
     past before which the idle timestamp must go to be expired.  This is
     much easier to read.

 (6) Ignore the timeouts if the net namespace is dead.

 (7) Restart the service reaper work item rather the client reaper.

Signed-off-by: David Howells <dhowells@redhat.com>
2017-11-24 10:18:42 +00:00
David Howells 415f44e432 rxrpc: Add keepalive for a call
We need to transmit a packet every so often to act as a keepalive for the
peer (which has a timeout from the last time it received a packet) and also
to prevent any intervening firewalls from closing the route.

Do this by resetting a timer every time we transmit a packet.  If the timer
ever expires, we transmit a PING ACK packet and thereby also elicit a PING
RESPONSE ACK from the other side - which prevents our last-rx timeout from
expiring.

The timer is set to 1/6 of the last-rx timeout so that we can detect the
other side going away if it misses 6 replies in a row.

This is particularly necessary for servers where the processing of the
service function may take a significant amount of time.

Signed-off-by: David Howells <dhowells@redhat.com>
2017-11-24 10:18:42 +00:00
David Howells bd1fdf8cfd rxrpc: Add a timeout for detecting lost ACKs/lost DATA
Add an extra timeout that is set/updated when we send a DATA packet that
has the request-ack flag set.  This allows us to detect if we don't get an
ACK in response to the latest flagged packet.

The ACK packet is adjudged to have been lost if it doesn't turn up within
2*RTT of the transmission.

If the timeout occurs, we schedule the sending of a PING ACK to find out
the state of the other side.  If a new DATA packet is ready to go sooner,
we cancel the sending of the ping and set the request-ack flag on that
instead.

If we get back a PING-RESPONSE ACK that indicates a lower tx_top than what
we had at the time of the ping transmission, we adjudge all the DATA
packets sent between the response tx_top and the ping-time tx_top to have
been lost and retransmit immediately.

Rather than sending a PING ACK, we could just pick a DATA packet and
speculatively retransmit that with request-ack set.  It should result in
either a REQUESTED ACK or a DUPLICATE ACK which we can then use in lieu the
a PING-RESPONSE ACK mentioned above.

Signed-off-by: David Howells <dhowells@redhat.com>
2017-11-24 10:18:42 +00:00
David Howells beb8e5e4f3 rxrpc: Express protocol timeouts in terms of RTT
Express protocol timeouts for data retransmission and deferred ack
generation in terms on RTT rather than specified timeouts once we have
sufficient RTT samples.

For the moment, this requires just one RTT sample to be able to use this
for ack deferral and two for data retransmission.

The data retransmission timeout is set at RTT*1.5 and the ACK deferral
timeout is set at RTT.

Note that the calculated timeout is limited to a minimum of 4ns to make
sure it doesn't happen too quickly.

Signed-off-by: David Howells <dhowells@redhat.com>
2017-11-24 10:18:41 +00:00
David Howells 8637abaa72 rxrpc: Don't transmit DELAY ACKs immediately on proposal
Don't transmit a DELAY ACK immediately on proposal when the Rx window is
rotated, but rather defer it to the work function.  This means that we have
a chance to queue/consume more received packets before we actually send the
DELAY ACK, or even cancel it entirely, thereby reducing the number of
packets transmitted.

We do, however, want to continue sending other types of packet immediately,
particularly REQUESTED ACKs, as they may be used for RTT calculation by the
other side.

Signed-off-by: David Howells <dhowells@redhat.com>
2017-11-24 10:18:41 +00:00
David Howells a158bdd324 rxrpc: Fix call timeouts
Fix the rxrpc call expiration timeouts and make them settable from
userspace.  By analogy with other rx implementations, there should be three
timeouts:

 (1) "Normal timeout"

     This is set for all calls and is triggered if we haven't received any
     packets from the peer in a while.  It is measured from the last time
     we received any packet on that call.  This is not reset by any
     connection packets (such as CHALLENGE/RESPONSE packets).

     If a service operation takes a long time, the server should generate
     PING ACKs at a duration that's substantially less than the normal
     timeout so is to keep both sides alive.  This is set at 1/6 of normal
     timeout.

 (2) "Idle timeout"

     This is set only for a service call and is triggered if we stop
     receiving the DATA packets that comprise the request data.  It is
     measured from the last time we received a DATA packet.

 (3) "Hard timeout"

     This can be set for a call and specified the maximum lifetime of that
     call.  It should not be specified by default.  Some operations (such
     as volume transfer) take a long time.

Allow userspace to set/change the timeouts on a call with sendmsg, using a
control message:

	RXRPC_SET_CALL_TIMEOUTS

The data to the message is a number of 32-bit words, not all of which need
be given:

	u32 hard_timeout;	/* sec from first packet */
	u32 idle_timeout;	/* msec from packet Rx */
	u32 normal_timeout;	/* msec from data Rx */

This can be set in combination with any other sendmsg() that affects a
call.

Signed-off-by: David Howells <dhowells@redhat.com>
2017-11-24 10:18:41 +00:00
David Howells 4812417894 rxrpc: Split the call params from the operation params
When rxrpc_sendmsg() parses the control message buffer, it places the
parameters extracted into a structure, but lumps together call parameters
(such as user call ID) with operation parameters (such as whether to send
data, send an abort or accept a call).

Split the call parameters out into their own structure, a copy of which is
then embedded in the operation parameters struct.

The call parameters struct is then passed down into the places that need it
instead of passing the individual parameters.  This allows for extra call
parameters to be added.

Signed-off-by: David Howells <dhowells@redhat.com>
2017-11-24 10:18:41 +00:00
David Howells 3136ef49a1 rxrpc: Delay terminal ACK transmission on a client call
Delay terminal ACK transmission on a client call by deferring it to the
connection processor.  This allows it to be skipped if we can send the next
call instead, the first DATA packet of which will implicitly ack this call.

Signed-off-by: David Howells <dhowells@redhat.com>
2017-11-24 10:18:41 +00:00
David Howells 9faaff5934 rxrpc: Provide a different lockdep key for call->user_mutex for kernel calls
Provide a different lockdep key for rxrpc_call::user_mutex when the call is
made on a kernel socket, such as by the AFS filesystem.

The problem is that lockdep registers a false positive between userspace
calling the sendmsg syscall on a user socket where call->user_mutex is held
whilst userspace memory is accessed whereas the AFS filesystem may perform
operations with mmap_sem held by the caller.

In such a case, the following warning is produced.

======================================================
WARNING: possible circular locking dependency detected
4.14.0-fscache+ #243 Tainted: G            E
------------------------------------------------------
modpost/16701 is trying to acquire lock:
 (&vnode->io_lock){+.+.}, at: [<ffffffffa000fc40>] afs_begin_vnode_operation+0x33/0x77 [kafs]

but task is already holding lock:
 (&mm->mmap_sem){++++}, at: [<ffffffff8104376a>] __do_page_fault+0x1ef/0x486

which lock already depends on the new lock.

the existing dependency chain (in reverse order) is:

-> #3 (&mm->mmap_sem){++++}:
       __might_fault+0x61/0x89
       _copy_from_iter_full+0x40/0x1fa
       rxrpc_send_data+0x8dc/0xff3
       rxrpc_do_sendmsg+0x62f/0x6a1
       rxrpc_sendmsg+0x166/0x1b7
       sock_sendmsg+0x2d/0x39
       ___sys_sendmsg+0x1ad/0x22b
       __sys_sendmsg+0x41/0x62
       do_syscall_64+0x89/0x1be
       return_from_SYSCALL_64+0x0/0x75

-> #2 (&call->user_mutex){+.+.}:
       __mutex_lock+0x86/0x7d2
       rxrpc_new_client_call+0x378/0x80e
       rxrpc_kernel_begin_call+0xf3/0x154
       afs_make_call+0x195/0x454 [kafs]
       afs_vl_get_capabilities+0x193/0x198 [kafs]
       afs_vl_lookup_vldb+0x5f/0x151 [kafs]
       afs_create_volume+0x2e/0x2f4 [kafs]
       afs_mount+0x56a/0x8d7 [kafs]
       mount_fs+0x6a/0x109
       vfs_kern_mount+0x67/0x135
       do_mount+0x90b/0xb57
       SyS_mount+0x72/0x98
       do_syscall_64+0x89/0x1be
       return_from_SYSCALL_64+0x0/0x75

-> #1 (k-sk_lock-AF_RXRPC){+.+.}:
       lock_sock_nested+0x74/0x8a
       rxrpc_kernel_begin_call+0x8a/0x154
       afs_make_call+0x195/0x454 [kafs]
       afs_fs_get_capabilities+0x17a/0x17f [kafs]
       afs_probe_fileserver+0xf7/0x2f0 [kafs]
       afs_select_fileserver+0x83f/0x903 [kafs]
       afs_fetch_status+0x89/0x11d [kafs]
       afs_iget+0x16f/0x4f8 [kafs]
       afs_mount+0x6c6/0x8d7 [kafs]
       mount_fs+0x6a/0x109
       vfs_kern_mount+0x67/0x135
       do_mount+0x90b/0xb57
       SyS_mount+0x72/0x98
       do_syscall_64+0x89/0x1be
       return_from_SYSCALL_64+0x0/0x75

-> #0 (&vnode->io_lock){+.+.}:
       lock_acquire+0x174/0x19f
       __mutex_lock+0x86/0x7d2
       afs_begin_vnode_operation+0x33/0x77 [kafs]
       afs_fetch_data+0x80/0x12a [kafs]
       afs_readpages+0x314/0x405 [kafs]
       __do_page_cache_readahead+0x203/0x2ba
       filemap_fault+0x179/0x54d
       __do_fault+0x17/0x60
       __handle_mm_fault+0x6d7/0x95c
       handle_mm_fault+0x24e/0x2a3
       __do_page_fault+0x301/0x486
       do_page_fault+0x236/0x259
       page_fault+0x22/0x30
       __clear_user+0x3d/0x60
       padzero+0x1c/0x2b
       load_elf_binary+0x785/0xdc7
       search_binary_handler+0x81/0x1ff
       do_execveat_common.isra.14+0x600/0x888
       do_execve+0x1f/0x21
       SyS_execve+0x28/0x2f
       do_syscall_64+0x89/0x1be
       return_from_SYSCALL_64+0x0/0x75

other info that might help us debug this:

Chain exists of:
  &vnode->io_lock --> &call->user_mutex --> &mm->mmap_sem

 Possible unsafe locking scenario:

       CPU0                    CPU1
       ----                    ----
  lock(&mm->mmap_sem);
                               lock(&call->user_mutex);
                               lock(&mm->mmap_sem);
  lock(&vnode->io_lock);

 *** DEADLOCK ***

1 lock held by modpost/16701:
 #0:  (&mm->mmap_sem){++++}, at: [<ffffffff8104376a>] __do_page_fault+0x1ef/0x486

stack backtrace:
CPU: 0 PID: 16701 Comm: modpost Tainted: G            E   4.14.0-fscache+ #243
Hardware name: ASUS All Series/H97-PLUS, BIOS 2306 10/09/2014
Call Trace:
 dump_stack+0x67/0x8e
 print_circular_bug+0x341/0x34f
 check_prev_add+0x11f/0x5d4
 ? add_lock_to_list.isra.12+0x8b/0x8b
 ? add_lock_to_list.isra.12+0x8b/0x8b
 ? __lock_acquire+0xf77/0x10b4
 __lock_acquire+0xf77/0x10b4
 lock_acquire+0x174/0x19f
 ? afs_begin_vnode_operation+0x33/0x77 [kafs]
 __mutex_lock+0x86/0x7d2
 ? afs_begin_vnode_operation+0x33/0x77 [kafs]
 ? afs_begin_vnode_operation+0x33/0x77 [kafs]
 ? afs_begin_vnode_operation+0x33/0x77 [kafs]
 afs_begin_vnode_operation+0x33/0x77 [kafs]
 afs_fetch_data+0x80/0x12a [kafs]
 afs_readpages+0x314/0x405 [kafs]
 __do_page_cache_readahead+0x203/0x2ba
 ? filemap_fault+0x179/0x54d
 filemap_fault+0x179/0x54d
 __do_fault+0x17/0x60
 __handle_mm_fault+0x6d7/0x95c
 handle_mm_fault+0x24e/0x2a3
 __do_page_fault+0x301/0x486
 do_page_fault+0x236/0x259
 page_fault+0x22/0x30
RIP: 0010:__clear_user+0x3d/0x60
RSP: 0018:ffff880071e93da0 EFLAGS: 00010202
RAX: 0000000000000000 RBX: 000000000000011c RCX: 000000000000011c
RDX: 0000000000000000 RSI: 0000000000000008 RDI: 000000000060f720
RBP: 000000000060f720 R08: 0000000000000001 R09: 0000000000000000
R10: 0000000000000001 R11: ffff8800b5459b68 R12: ffff8800ce150e00
R13: 000000000060f720 R14: 00000000006127a8 R15: 0000000000000000
 padzero+0x1c/0x2b
 load_elf_binary+0x785/0xdc7
 search_binary_handler+0x81/0x1ff
 do_execveat_common.isra.14+0x600/0x888
 do_execve+0x1f/0x21
 SyS_execve+0x28/0x2f
 do_syscall_64+0x89/0x1be
 entry_SYSCALL64_slow_path+0x25/0x25
RIP: 0033:0x7fdb6009ee07
RSP: 002b:00007fff566d9728 EFLAGS: 00000246 ORIG_RAX: 000000000000003b
RAX: ffffffffffffffda RBX: 000055ba57280900 RCX: 00007fdb6009ee07
RDX: 000055ba5727f270 RSI: 000055ba5727cac0 RDI: 000055ba57280900
RBP: 000055ba57280900 R08: 00007fff566d9700 R09: 0000000000000000
R10: 000055ba5727cac0 R11: 0000000000000246 R12: 0000000000000000
R13: 000055ba5727cac0 R14: 000055ba5727f270 R15: 0000000000000000

Signed-off-by: David Howells <dhowells@redhat.com>
2017-11-24 10:18:40 +00:00
David Howells 48ca24636d rxrpc: Don't set upgrade by default in sendmsg()
Don't set upgrade by default when creating a call from sendmsg().  This is
a holdover from when I was testing the code.

Signed-off-by: David Howells <dhowells@redhat.com>
2017-11-24 10:18:40 +00:00
David Howells 03a6c82218 rxrpc: The mutex lock returned by rxrpc_accept_call() needs releasing
The caller of rxrpc_accept_call() must release the lock on call->user_mutex
returned by that function.

Signed-off-by: David Howells <dhowells@redhat.com>
2017-11-24 10:18:40 +00:00
Thomas Gleixner 3f5fe9fef5 sched/debug: Fix task state recording/printout
The recent conversion of the task state recording to use task_state_index()
broke the sched_switch tracepoint task state output.

task_state_index() returns surprisingly an index (0-7) which is then
printed with __print_flags() applying bitmasks. Not really working and
resulting in weird states like 'prev_state=t' instead of 'prev_state=I'.

Use TASK_REPORT_MAX instead of TASK_STATE_MAX to report preemption. Build a
bitmask from the return value of task_state_index() and store it in
entry->prev_state, which makes __print_flags() work as expected.

Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Paul E. McKenney <paulmck@linux.vnet.ibm.com>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Steven Rostedt <rostedt@goodmis.org>
Cc: stable@vger.kernel.org
Fixes: efb40f588b ("sched/tracing: Fix trace_sched_switch task-state printing")
Link: http://lkml.kernel.org/r/alpine.DEB.2.20.1711221304180.1751@nanos
Signed-off-by: Ingo Molnar <mingo@kernel.org>
2017-11-24 08:39:12 +01:00
Masami Hiramatsu 12a78d43de x86/decoder: Add new TEST instruction pattern
The kbuild test robot reported this build warning:

  Warning: arch/x86/tools/test_get_len found difference at <jump_table>:ffffffff8103dd2c

  Warning: ffffffff8103dd82: f6 09 d8 testb $0xd8,(%rcx)
  Warning: objdump says 3 bytes, but insn_get_length() says 2
  Warning: decoded and checked 1569014 instructions with 1 warnings

This sequence seems to be a new instruction not in the opcode map in the Intel SDM.

The instruction sequence is "F6 09 d8", means Group3(F6), MOD(00)REG(001)RM(001), and 0xd8.
Intel SDM vol2 A.4 Table A-6 said the table index in the group is "Encoding of Bits 5,4,3 of
the ModR/M Byte (bits 2,1,0 in parenthesis)"

In that table, opcodes listed by the index REG bits as:

  000         001       010 011  100        101        110         111
 TEST Ib/Iz,(undefined),NOT,NEG,MUL AL/rAX,IMUL AL/rAX,DIV AL/rAX,IDIV AL/rAX

So, it seems TEST Ib is assigned to 001.

Add the new pattern.

Reported-by: kbuild test robot <fengguang.wu@intel.com>
Signed-off-by: Masami Hiramatsu <mhiramat@kernel.org>
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Cc: <stable@vger.kernel.org>
Cc: H. Peter Anvin <hpa@zytor.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: linux-kernel@vger.kernel.org
Signed-off-by: Ingo Molnar <mingo@kernel.org>
2017-11-24 08:36:12 +01:00
Linus Torvalds 1d3b78bbc6 Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net
Pull networking fixes from David Miller:

 1) Fix PCI IDs of 9000 series iwlwifi devices, from Luca Coelho.

 2) bpf offload bug fixes from Jakub Kicinski.

 3) Fix bpf verifier to NOP out code which is dead at run time because
    due to branch pruning the verifier will not explore such
    instructions. From Alexei Starovoitov.

 4) Fix crash when deleting secondary chains in packet scheduler
    classifier. From Roman Kapl.

 5) Fix buffer management bugs in smc, from Ursula Braun.

 6) Fix regression in anycast route handling, from David Ahern.

 7) Fix link settings regression in r8169, from Tobias Jakobi.

 8) Add back enough UFO support so that live migration still works, from
    Willem de Bruijn.

 9) Linearize enough packet data for the full extent to which the ipvlan
    code will inspect the packet headers, from Gao Feng.

* git://git.kernel.org/pub/scm/linux/kernel/git/davem/net: (46 commits)
  ipvlan: Fix insufficient skb linear check for ipv6 icmp
  ipvlan: Fix insufficient skb linear check for arp
  geneve: only configure or fill UDP_ZERO_CSUM6_RX/TX info when CONFIG_IPV6
  net: dsa: bcm_sf2: Clear IDDQ_GLOBAL_PWR bit for PHY
  net: accept UFO datagrams from tuntap and packet
  net: realtek: r8169: implement set_link_ksettings()
  net: ipv6: Fixup device for anycast routes during copy
  net/smc: Fix preinitialization of buf_desc in __smc_buf_create()
  net/smc: use sk_rcvbuf as start for rmb creation
  ipv6: Do not consider linkdown nexthops during multipath
  net: sched: fix crash when deleting secondary chains
  net: phy: cortina: add missing MODULE_DESCRIPTION/AUTHOR/LICENSE
  bpf: fix branch pruning logic
  bpf: change bpf_perf_event_output arg5 type to ARG_CONST_SIZE_OR_ZERO
  bpf: change bpf_probe_read_str arg2 type to ARG_CONST_SIZE_OR_ZERO
  bpf: remove explicit handling of 0 for arg2 in bpf_probe_read
  bpf: introduce ARG_PTR_TO_MEM_OR_NULL
  i40evf: Use smp_rmb rather than read_barrier_depends
  fm10k: Use smp_rmb rather than read_barrier_depends
  igb: Use smp_rmb rather than read_barrier_depends
  ...
2017-11-23 21:18:46 -10:00
Linus Torvalds 36f20ee24b platform-drivers-x86 for v4.15-2
Fix two issues resulting from the dell-smbios refactoring and
 introduction of the dell-smbios-wmi dispatcher. The first ensures a
 proper error code is returned when kzalloc fails. The second avoids an
 issue in older Dell BIOS implementations which would fail if the more
 complex calls were made by limiting those platforms to the simple calls
 such as those used by the existing dell-laptop and dell-wmi drivers,
 preserving their functionality prior to the addition of the
 dell-smbios-wmi dispatcher.
 
 The following is an automated git shortlog grouped by driver:
 
 dell-laptop:
  -  Fix error return code in dell_init()
 
 dell-smbios-wmi:
  -  Disable userspace interface if missing hotfix
 -----BEGIN PGP SIGNATURE-----
 
 iQEcBAABAgAGBQJaFg4hAAoJEKbMaAwKp3647McIALuFgfx4WCM0QDlvvvyyjayv
 WtGcxGOgafPEVuHn5OyTIOYNlko009uhV/Y3D+F4/Fo4Q3zu3iBu479BALBXr9Uj
 OEkFxdJnrSTCpExsBDuCOEpB1eLvr2ceWF7KAmWR7cktLCtd6E7vNzLF/VOdiC/z
 yGvuAwQtMvX3RnR0DWFcx4qJPDyIZCQJ0HLYlTG6mPjR5YkyOkxhKnmIj+ljU5jV
 M7/yBH8EpI6YLjN0uGdWXHYiEp45OX5CJMSHGvKI6KE5s+6dy1r5fJWw/FLSSGgv
 wxBiuQuDGeDdqcKBCEAZ4fedvbQRJdSUlY/ZDgWtBzpSY/AdCexyY5zAR0XVxos=
 =NK+B
 -----END PGP SIGNATURE-----

Merge tag 'platform-drivers-x86-v4.15-2' of git://git.infradead.org/linux-platform-drivers-x86

Pull x86 platform driver fixes from Darren Hart:
 "Fix two issues resulting from the dell-smbios refactoring and
  introduction of the dell-smbios-wmi dispatcher.

  The first ensures a proper error code is returned when kzalloc fails.

  The second avoids an issue in older Dell BIOS implementations which
  would fail if the more complex calls were made by limiting those
  platforms to the simple calls such as those used by the existing
  dell-laptop and dell-wmi drivers, preserving their functionality prior
  to the addition of the dell-smbios-wmi dispatcher"

* tag 'platform-drivers-x86-v4.15-2' of git://git.infradead.org/linux-platform-drivers-x86:
  platform/x86: dell-laptop: fix error return code in dell_init()
  platform/x86: dell-smbios-wmi: Disable userspace interface if missing hotfix
2017-11-23 21:14:30 -10:00
Linus Torvalds 06c944005b SCSI fixes on 20171122
Two basic fixes: one for the sparse problem with the blacklist flags
 and another for a hang forever in bnx2i.
 
 Signed-off-by: James E.J. Bottomley <jejb@linux.vnet.ibm.com>
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2
 
 iQIcBAABAgAGBQJaFmsjAAoJEAVr7HOZEZN4YNEP/Al9FcWLPhjXBgXLPyubqSHP
 okVIuXgDa32sNO11z9MOmPIIqHoDEBIupjIAqGaLlwkTOGEEJNsnx55kQnoYVmkU
 cQ+toq6mn9nX4Sg48J/ymIKHd9d1THdmbK7q0w18yQChO0DUfppZnmfBF7fktiKO
 nXPEV7kDtNSEfgdaDVGiDexDUFdHc9XReiGeHZOAKKyEZfKc5f/D7rAWEW5q/FXQ
 gP6EVQJBxAUTLwwu50SUOkyPOfdCDbqPBbWKK4lgtVFIWgFC2RkQwpIcxjInvRYI
 D5O58p5fnWN5jGjGcqKFzrDBjbQpX42FReyTSz/6pqqmBTjYm9Fj6umcHDc2NBpL
 BmcVhYXC6Up145bGpTUD0tMI70LFkW08RIAfhFMjL1PUI1B1mxKMQ++PLRFIYprZ
 rEK0EcYWPwDi3uk/250TKx3YrNS94p6/NlFhAxzIWz5sZgcDNlNGmlyliW0OuQUX
 BT1nL/+RPYitm/yI9W0M6t26+ENTzmieetdtiBI1iD7KMkLAvmrYjGK6lXtpBawA
 4CNAMLlhyZBY4fpV/i+hDJN5Ex90rA04JBgYRWgAQ4s8dZHMGWw86UaXXQj2ngMw
 D67qEj9jSNo5pMoI3UwKhQXPV4M4gU7wM7wK71m4uY6a8UM4G+DhzO/ZPFcqxhW8
 cXziiXtoFdiDNthGjpJU
 =Geku
 -----END PGP SIGNATURE-----

Merge tag 'scsi-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi

Pull SCSI fixes from James Bottomley:
 "Two basic fixes: one for the sparse problem with the blacklist flags
  and another for a hang forever in bnx2i"

* tag 'scsi-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi:
  scsi: Use 'blist_flags_t' for scsi_devinfo flags
  scsi: bnx2fc: Fix hung task messages when a cleanup response is not received during abort
2017-11-23 21:12:58 -10:00
Linus Torvalds b64f26c62d sound fixes for 4.15-rc1
All commits found here are small fixes for regression or stable:
 - PCM timestamp behavior fix that could be seen as a regression
 - Remove spurious WARN_ON() from ALSA timer 32bit compat ioctl
 - HD-audio HDMI/DP channel mapping fix for 32bit archs
 - Fix the previous fix for HD-audio initialization code
 - More hardening USB-audio against malicious USB descriptors
 - HD-audio quirks/fixes (Realtek codec, AMD controller)
 - Missing help text for the recent Intel SST kconfig change
 -----BEGIN PGP SIGNATURE-----
 
 iQJCBAABCAAsFiEEIXTw5fNLNI7mMiVaLtJE4w1nLE8FAloWo6MOHHRpd2FpQHN1
 c2UuZGUACgkQLtJE4w1nLE/ZNg//WUXr72TCs6OdO45C0tbmHTa3xYNSZGsMcbBx
 9GoNk69SGpy9KHX5Xdtgax71mrUXO2BN+vU5R04oVWjcBs7L+BpbVRk9/HMgBYPz
 GEnwziRXG7YiHmMsbxLhu3gjky2qwrmCZQAFMTIR1z9tFDwZwraLuvdE5iZoB8bu
 r7fatcyF8Wqfg2IwqRdJ/ECheFN00TqzPSWG/p8DOrGl/lXaOWv1IJ9rXOzNdkgx
 6UOS5Z6kgaxm6d7Ym7Chn3Fl7EbrKCqCFLw/yG1KB199Q+fiQNeGZgVjLbPIFGjS
 K4dA7p7Ko6eqZP4t8QrvbgW6QBVrjXG5iTW4DBKs7VPUiRcNctGjdSf00ERu+HV5
 NCGEpnYQ5O6mAIHUcXPaQX+0lsK5J2In1ZuBql51sSISGxKH3KZR4yubXcjRbGYL
 IrcwLPdnBaG/V2C6EQwjCiJgXPZwclbZgpU+Js6VWwKKChzLexVVnJHvfPAr+Up/
 uMM5qkimNUJAzCP0v3IRr9RSSscdISM5qKhTloE9q5RqnON74GMjtZ+VisHgt7Pd
 elDkMMEpxVs2ydj7AxwquaXkfUtEtRswwg9CmpJ8qjUGLcqU4K7N3NdK3HCh+Tp6
 EbXzaVCesXN3/MUNjpEoD80KsE2DPYgXYw24DT0LuGVXgTlVm8qkZ21rUK94U7W0
 B9XAAsE=
 =iYNz
 -----END PGP SIGNATURE-----

Merge tag 'sound-fix-4.15-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound

Pull sound fixes from Takashi Iwai:
 "All commits found here are small fixes for regression or stable:

   - PCM timestamp behavior fix that could be seen as a regression

   - Remove spurious WARN_ON() from ALSA timer 32bit compat ioctl

   - HD-audio HDMI/DP channel mapping fix for 32bit archs

   - Fix the previous fix for HD-audio initialization code

   - More hardening USB-audio against malicious USB descriptors

   - HD-audio quirks/fixes (Realtek codec, AMD controller)

   - Missing help text for the recent Intel SST kconfig change"

* tag 'sound-fix-4.15-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound:
  ALSA: hda: Add Raven PCI ID
  ALSA: hda/realtek - Fix ALC700 family no sound issue
  ALSA: hda - Fix yet remaining issue with vmaster 0dB initialization
  ALSA: usb-audio: Add sanity checks in v2 clock parsers
  ALSA: usb-audio: Fix potential zero-division at parsing FU
  ALSA: usb-audio: Fix potential out-of-bound access at parsing SU
  ALSA: usb-audio: Add sanity checks to FE parser
  ALSA: timer: Remove kernel warning at compat ioctl error paths
  ALSA: pcm: update tstamp only if audio_tstamp changed
  ALSA: hda/realtek: Add headset mic support for Intel NUC Skull Canyon
  ALSA: hda: Fix too short HDMI/DP chmap reporting
  ALSA: usb-audio: uac1: Invalidate ctl on interrupt
  ALSA: hda/realtek - Fix ALC275 no sound issue
  ASoC: Intel: Add help text for SND_SOC_INTEL_SST_TOPLEVEL
2017-11-23 21:09:41 -10:00
Linus Torvalds c353bfc6eb fixes/cleanups for rc1, non-desktop flags for VR
-----BEGIN PGP SIGNATURE-----
 
 iQIcBAABAgAGBQJaFkpiAAoJEAx081l5xIa+LOcQAJqXyh7vx++oPe5kJFC2rCoX
 MqX1aJ4nH8y04QJqLmKx1SC6eyYsTM92rcg3RfHOThktzonD5l2wSO9TvCkmLtr9
 2n9P/aYMcbPTZntrbJc4mQyzd82U0D4h40i5Cmhr9n4gcLPOsOpau/7eclyuEUds
 PHZSTCRq0Ygk1K5VWQPyKsY1k1TqFes2YE46FJzkD8SQwKDfbWxVZG0BPnvqb5Om
 PMVobnEukruzpsSqnetaEYsW89e0TJ2TW9MSCfVohzWvyCVGzmwSzqaooqOkgFe2
 5ZrzA4aW6qRez4nXN2Zw+p9qhS4DZ8MVEJO8qczrR6BGx5yRlHriGhs+5FQskGBT
 Idqj6YZX3x/qab/AXQy0fzn2lrZdwxTolG6BgnNOwdGhyFEfz7P7p9kcv4QLbyn5
 8MynMUcLmOkpouHD0mpIwn5kS7EU4hbEPGOeBwxy54FbiLFWb81FjlGts2N+/ckI
 69UlmyyFZrpxvTmL9vRzvGCeO0zdfvKtBa1GoYWbzNTs8r50F2EtdJkS64SYOVOf
 o4ApcG5bznx42NfBwa3TBc+NETTYJPS0blFImPVu1qvdQn5AciX137vYbqzwuqac
 2gM2m6Rdfpncw/3VRIePwXYwpNS/3fsa3V6UgzTFlDhrQCtP2XxKPhfru7pFN+te
 Vav1I46Q8pa7ko8dS3A3
 =P4O6
 -----END PGP SIGNATURE-----

Merge tag 'drm-for-v4.15-part2' of git://people.freedesktop.org/~airlied/linux

Pull more drm updates from Dave Airlie:
 "Fixes/cleanups for rc1, non-desktop flags for VR

   - remove the MSM dt-bindings file Rob managed to push in the previous
     pull.

   - add a property/edid quirk to denote HMD devices, I had these
     hanging around for a few weeks and Keith had done some work on
     them, they are fairly self contained and small, and only affect
     people using HTC Vive VR headsets so far.

   - amdgpu, tegra, tilcdc, fsl fixes

   - some imx-drm cleanups I missed, these seemed pretty small, and no
     reason to hold off.

  I have one TTM regression fix (fixes bochs-vga in qemu) sitting
  locally awaiting review I'll probably send that in a separate pull
  request tomorrow"

* tag 'drm-for-v4.15-part2' of git://people.freedesktop.org/~airlied/linux: (33 commits)
  dt-bindings: remove file that was added accidentally
  drm/edid: quirk HTC vive headset as non-desktop. [v2]
  drm/fb: add support for not enabling fbcon on non-desktop displays [v2]
  drm: add connector info/property for non-desktop displays [v2]
  drm/amdgpu: fix rmmod KCQ disable failed error
  drm/amdgpu: fix kernel hang when starting VNC server
  drm/amdgpu: don't skip attributes when powerplay is enabled
  drm/amd/pp: fix typecast error in powerplay.
  drm/tilcdc: Remove obsolete "ti,tilcdc,slave" dts binding support
  drm/tegra: sor: Reimplement pad clock
  Revert "drm/radeon: dont switch vt on suspend"
  drm/amd/amdgpu: fix over-bound accessing in amdgpu_cs_wait_any_fence
  drm/amd/powerplay: fix unfreeze level smc message for smu7
  drm/amdgpu:fix memleak
  drm/amdgpu:fix memleak in takedown
  drm/amd/pp: fix dpm randomly failed on Vega10
  drm/amdgpu: set f_mapping on exported DMA-bufs
  drm/amdgpu: Properly allocate VM invalidate eng v2
  drm/fsl-dcu: enable IRQ before drm_atomic_helper_resume()
  drm/fsl-dcu: avoid disabling pixel clock twice on suspend
  ...
2017-11-23 21:04:56 -10:00
Linus Torvalds 1d3bc6363a A few late-arriving docs updates that have no real reason to wait. There's
a new "Co-Developed-by" tag described by Greg, and a build enhancement from
 Willy to generate docs warnings during a kernel build (but only when
 additional warnings have been requested in general).
 -----BEGIN PGP SIGNATURE-----
 
 iQIcBAABAgAGBQJaFaXjAAoJEI3ONVYwIuV6AXAQAMDinEQQBxNJmO/PkQrIxT4t
 sgbLfI+Sd9zD/lEb9aC5e99XYqw+SH0H9xtEcOrhwx+fjuzkKa6NKLPWjopGzVxH
 CM+N7lCE3AFuzbBCmcQvQyEelQg+p7rsY+2MGLYxMZINnaHFgTa1lvamcE/wKu5d
 CSXs1K2TwFQEpippYlzTmiWU1Rt3gWKGwtBFgLtikSBqiS3HVr4yn7dgm1WTEpVo
 IZPQYoglHjb8vL/vnVDDsfu1PW6Q1uE1aBSgTFBgFIv3UXJBBSlfWQJ7MQsD12Ww
 ZkkAxssFm6TRa87mtgd68Du0Ebg4wZQJG9fizCSy6yIh1ExYxvG0rUmqGrZ1rRYu
 4F+hukXINn7OK5L2laKNQT8ZWCPP+RoN6YUQpz2dhXC3nULZbd5GI9y8pQTdZjmK
 p39SIovicQltlw8ap9MkzTKxm4mvLo/wjFWhQT4qH2QENKO8uSqA9BpLt5a1gJU5
 dSLKDElph5EhliQAQfN/wXdPnTzSaGovele23zTTOLu2vr2JUSnBWWwiaOwuTHRQ
 OEdzxQceoINnc/iqC1qt8F/57E8BT76YedAlmsn77umTXq3mq28wkd1RCRFcjqz5
 KeqrvC5WMSbWZXZDxow7Pr+CPONUy4WpqVbHbwcQ4V8zlFfGjtQdR6zKN88Mb364
 4oJpUwUMz36HchZpi1Tx
 =ydAe
 -----END PGP SIGNATURE-----

Merge tag 'docs-4.15-2' of git://git.lwn.net/linux

Pull documentation updates from Jonathan Corbet:
 "A few late-arriving docs updates that have no real reason to wait.

  There's a new "Co-Developed-by" tag described by Greg, and a build
  enhancement from Willy to generate docs warnings during a kernel build
  (but only when additional warnings have been requested in general)"

* tag 'docs-4.15-2' of git://git.lwn.net/linux:
  Add optional check for bad kernel-doc comments
  Documentation: fix profile= options in kernel-parameters.txt
  documentation/svga.txt: update outdated file
  kokr/memory-barriers.txt: Fix typo in paring example
  kokr/memory-barriers/txt: Replace uses of "transitive"
  Documentation/process: add Co-Developed-by: tag for patches with multiple authors
2017-11-23 21:01:32 -10:00
Linus Torvalds dab0badc87 Merge branch 'next-keys' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security
Pull keys update from James Morris:
 "There's nothing too controversial here:

   - Doc fix for keyctl_read().

   - time_t -> time64_t replacement.

   - Set the module licence on things to prevent tainting"

* 'next-keys' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security:
  pkcs7: Set the module licence to prevent tainting
  security: keys: Replace time_t with time64_t for struct key_preparsed_payload
  security: keys: Replace time_t/timespec with time64_t
  KEYS: fix in-kernel documentation for keyctl_read()
2017-11-23 20:51:27 -10:00
Linus Torvalds 26064dea2d + Cleanups
- apparmor: fix spelling mistake: "resoure" -> "resource"
   - apparmor: remove unused redundant variable stop
   - apparmor: Fix bool initialization/comparison
 
 + Bug Fixes
   - apparmor: initialized returned struct aa_perms
   - apparmor: fix leak of null profile name if profile allocation fails
   - apparmor: ensure that undecidable profile attachments fail
   - apparmor: fix profile attachment for special unconfined profiles
   - apparmor: fix locking when creating a new complain profile.
   - apparmor: fix possible recursive lock warning in __aa_create_ns
 -----BEGIN PGP SIGNATURE-----
 
 iQIcBAABCgAGBQJaFFMGAAoJEAUvNnAY1cPY+sEQAK3H5kU+WDzEaMyzCSYEF4p2
 ivlgzEDOvhf+R1nLTEYg2AThUpE0oD2rg78w2T7h19OyTH/mINofOIukDkz+lyRX
 4AXRqLUUf6MXds3yY/m0HCcpE9cRQQEsKT4XDXf1PpsRHKmle+cZbbmKmyCrmAB3
 gRaYGghuIbMlux8nzDZH3osLfdeyKMKgUPCeOvtzO17iZD1RrTjtvfI66Q1KSifu
 3QxTMt7nDYl/i4Owq5NoSF9rVrgDvs9oruuAb25frlCncdBC/dw2thCr/c362LWg
 8f44iquo6benlm7z3BNHU0yAxUYPjYb8RcD3pEwIQqqRgxyuk5kSuh9FKGdo778z
 r8T49/4EQAtfthtmwMmlCG/vrCrGFNITXnIfALJ7mVb+u3MhOyWC/385KrYj/LaS
 YfCHqlxPxOTVVN2vvxMiwVNU2GpTNa/wfpkgTXVErY4OwotepHY65W/YPxaHpjgO
 aFbKUJ9bO6c1Im83fyEpt1RPHWvfWSbtxEZpG3d9FqfAexYUJrF7DQW2SfcEFYr6
 VzMSrpk3/vESZFUmGzFqrhEku8bu8CeEhB5aU3Tvavx64AMOR59niXzkZspM8P9j
 x/IuizHClrYR3TQAyp7Dtl9J2s25GbUkZMNlx0d6X9ILgzHATusrlO+1D+hWy3pm
 9HN3wpEXC1BwLYUcp60M
 =xeyB
 -----END PGP SIGNATURE-----

Merge tag 'apparmor-pr-2017-11-21' of git://git.kernel.org/pub/scm/linux/kernel/git/jj/linux-apparmor

Pull apparmor updates from John Johansen:
 "No features this time, just minor cleanups and bug fixes.

  Cleanups:
   - fix spelling mistake: "resoure" -> "resource"
   - remove unused redundant variable stop
   - Fix bool initialization/comparison

  Bug Fixes:
   - initialized returned struct aa_perms
   - fix leak of null profile name if profile allocation fails
   - ensure that undecidable profile attachments fail
   - fix profile attachment for special unconfined profiles
   - fix locking when creating a new complain profile.
   - fix possible recursive lock warning in __aa_create_ns"

* tag 'apparmor-pr-2017-11-21' of git://git.kernel.org/pub/scm/linux/kernel/git/jj/linux-apparmor:
  apparmor: fix possible recursive lock warning in __aa_create_ns
  apparmor: fix locking when creating a new complain profile.
  apparmor: fix profile attachment for special unconfined profiles
  apparmor: ensure that undecidable profile attachments fail
  apparmor: fix leak of null profile name if profile allocation fails
  apparmor: remove unused redundant variable stop
  apparmor: Fix bool initialization/comparison
  apparmor: initialized returned struct aa_perms
  apparmor: fix spelling mistake: "resoure" -> "resource"
2017-11-23 20:48:26 -10:00
Stephan Mueller 7d2c3f54e6 crypto: af_alg - remove locking in async callback
The code paths protected by the socket-lock do not use or modify the
socket in a non-atomic fashion. The actions pertaining the socket do not
even need to be handled as an atomic operation. Thus, the socket-lock
can be safely ignored.

This fixes a bug regarding scheduling in atomic as the callback function
may be invoked in interrupt context.

In addition, the sock_hold is moved before the AIO encrypt/decrypt
operation to ensure that the socket is always present. This avoids a
tiny race window where the socket is unprotected and yet used by the AIO
operation.

Finally, the release of resources for a crypto operation is moved into a
common function of af_alg_free_resources.

Cc: <stable@vger.kernel.org>
Fixes: e870456d8e ("crypto: algif_skcipher - overhaul memory management")
Fixes: d887c52d6a ("crypto: algif_aead - overhaul memory management")
Reported-by: Romain Izard <romain.izard.pro@gmail.com>
Signed-off-by: Stephan Mueller <smueller@chronox.de>
Tested-by: Romain Izard <romain.izard.pro@gmail.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-11-24 13:23:39 +08:00
Stephan Mueller 8e1fa89aa8 crypto: algif_aead - skip SGL entries with NULL page
The TX SGL may contain SGL entries that are assigned a NULL page. This
may happen if a multi-stage AIO operation is performed where the data
for each stage is pointed to by one SGL entry. Upon completion of that
stage, af_alg_pull_tsgl will assign NULL to the SGL entry.

The NULL cipher used to copy the AAD from TX SGL to the destination
buffer, however, cannot handle the case where the SGL starts with an SGL
entry having a NULL page. Thus, the code needs to advance the start
pointer into the SGL to the first non-NULL entry.

This fixes a crash visible on Intel x86 32 bit using the libkcapi test
suite.

Cc: <stable@vger.kernel.org>
Fixes: 72548b093e ("crypto: algif_aead - copy AAD from src to dst")
Signed-off-by: Stephan Mueller <smueller@chronox.de>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-11-24 13:23:36 +08:00
Dave Airlie c209101fc1 Merge tag 'drm-misc-fixes-2017-11-20' of git://anongit.freedesktop.org/drm/drm-misc into drm-next
4.15 merge window fixes 1

* tag 'drm-misc-fixes-2017-11-20' of git://anongit.freedesktop.org/drm/drm-misc:
  drm/edid: Don't send non-zero YQ in AVI infoframe for HDMI 1.x sinks
  drm/vc4: Account for interrupts in flight
2017-11-24 11:33:29 +10:00
Dave Airlie 0576178f50 drm/i915 fixes for v4.15
-----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCAAdFiEEFWWmW3ewYy4RJOWc05gHnSar7m8FAloWlc0ACgkQ05gHnSar
 7m8OaA//atcYylzdlV5pdfEcJxTu3WmT8yVE2Vmkza5ydPfi6wEes749gk0pei0l
 9vBQA69QOertGfjpKyrSx+01lXdpnn8QN3s5FDZhwOlp6QHX+ak+XF0oNhemQfoL
 yGp+00LYGpTdGRoILMlvisr4hOoeUuxQOyPj5bpdloGbB42qXcbz6Ee5duUXQkxM
 JTavc0vm6uxmuU8+kukDJpzD+2if1kyROMyFj4yvswTwf3qqX3qSx+4WTMTnmOHg
 tlsYzyifZKk7igg6dxh3ufuXdhkW7HNXWIKHbUwYBEw5o7UEuOnKGsaaV1czmV6M
 sJapvjsmPdu4YNqfT2ydMgM3Xd/kUi5OarRkLakVzErz1D2YDMUMXJmkRw5B0K6+
 ZXPUv6qZOjN988g5swnZyexwzCgI06iGjqM/mmxqfzJTSXKWvQrWFemSxqPoMJuB
 PGQ6OVLYwCMZ8zXOr80c8Nd/P/hvZyj6iLd+lWWHfmgo7BSYuDMX7IEAT5zjXWrA
 qVHI9Ddy7zpqmNGZQeLA0fjrciAtG33FTY3SwJwbhsCh+WF8uxp+ttfA4NcsTj/G
 QFazWuVxccp1Eu/KuIFBCso6ppfEYVMijnc3ghViySbxPjfrFK3TC5PHBpQPW2H3
 Td4rPYMDolmTwIOICJkHC5bUMl6bLdrP50kcxd0jId9LyEwmbWM=
 =xo4D
 -----END PGP SIGNATURE-----

Merge tag 'drm-intel-next-fixes-2017-11-23' of git://anongit.freedesktop.org/drm/drm-intel into drm-next

drm/i915 fixes for v4.15

* tag 'drm-intel-next-fixes-2017-11-23' of git://anongit.freedesktop.org/drm/drm-intel:
  drm/i915: Fix init_clock_gating for resume
  drm/i915: Mark the userptr invalidate workqueue as WQ_MEM_RECLAIM
  drm/i915: Clear breadcrumb node when cancelling signaling
  drm/i915/gvt: ensure -ve return value is handled correctly
  drm/i915: Re-register PMIC bus access notifier on runtime resume
  drm/i915: Fix false-positive assert_rpm_wakelock_held in i915_pmic_bus_access_notifier v2
2017-11-24 11:33:12 +10:00
Dave Airlie 0b21871e3d Merge tag 'drm-misc-next-fixes-2017-11-23' of git://anongit.freedesktop.org/drm/drm-misc into drm-next
Fix crtc_id in page_flip event.

* tag 'drm-misc-next-fixes-2017-11-23' of git://anongit.freedesktop.org/drm/drm-misc:
  drm/vblank: Pass crtc_id to page_flip_ioctl.
2017-11-24 11:32:29 +10:00
Dave Airlie 33d22c2ed6 drm/ttm: don't attempt to use hugepages if dma32 requested (v2)
The commit below introduced thp support for ttm allocations, however it didn't
take into account the case where dma32 was requested. Some drivers always request
dma32, and the bochs driver is one of those.

This fixes an oops:

[   30.108507] ------------[ cut here ]------------
[   30.108920] kernel BUG at ./include/linux/gfp.h:408!
[   30.109356] invalid opcode: 0000 [#1] SMP
[   30.109700] Modules linked in: fuse nf_conntrack_netbios_ns nf_conntrack_broadcast xt_CT ip6t_rpfilter ip6t_REJECT nf_reject_ipv6 xt_conntrack devlink ip_set nfnetlink ebtable_nat ebtable_broute bridge ip6table_nat nf_conntrack_ipv6 nf_defrag_ipv6 nf_nat_ipv6 ip6table_mangle ip6table_raw ip6table_security iptable_nat nf_conntrack_ipv4 nf_defrag_ipv4 nf_nat_ipv4 nf_nat nf_conntrack libcrc32c iptable_mangle iptable_raw iptable_security ebtable_filter ebtables ip6table_filter ip6_tables snd_hda_codec_generic kvm_intel kvm snd_hda_intel snd_hda_codec irqbypass ppdev snd_hda_core snd_hwdep snd_seq snd_seq_device snd_pcm bochs_drm ttm joydev drm_kms_helper virtio_balloon snd_timer snd parport_pc drm soundcore parport i2c_piix4 nls_utf8 isofs squashfs zstd_decompress xxhash 8021q garp mrp stp llc virtio_net
[   30.115605]  virtio_console virtio_scsi crct10dif_pclmul crc32_pclmul crc32c_intel ghash_clmulni_intel serio_raw virtio_pci virtio_ring virtio ata_generic pata_acpi qemu_fw_cfg sunrpc scsi_transport_iscsi loop
[   30.117425] CPU: 0 PID: 1347 Comm: gnome-shell Not tainted 4.15.0-0.rc0.git6.1.fc28.x86_64 #1
[   30.118141] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.10.2-2.fc27 04/01/2014
[   30.118866] task: ffff923a77e03380 task.stack: ffffa78182228000
[   30.119366] RIP: 0010:__alloc_pages_nodemask+0x35e/0x430
[   30.119810] RSP: 0000:ffffa7818222bba8 EFLAGS: 00010202
[   30.120250] RAX: 0000000000000001 RBX: 00000000014382c6 RCX: 0000000000000006
[   30.120840] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 0000000000000000
[   30.121443] RBP: ffff923a760d6000 R08: 0000000000000000 R09: 0000000000000006
[   30.122039] R10: 0000000000000040 R11: 0000000000000300 R12: ffff923a729273c0
[   30.122629] R13: 0000000000000000 R14: 0000000000000000 R15: ffff923a7483d400
[   30.123223] FS:  00007fe48da7dac0(0000) GS:ffff923a7cc00000(0000) knlGS:0000000000000000
[   30.123896] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   30.124373] CR2: 00007fe457b73000 CR3: 0000000078313000 CR4: 00000000000006f0
[   30.124968] Call Trace:
[   30.125186]  ttm_pool_populate+0x19b/0x400 [ttm]
[   30.125578]  ttm_bo_vm_fault+0x325/0x570 [ttm]
[   30.125964]  __do_fault+0x19/0x11e
[   30.126255]  __handle_mm_fault+0xcd3/0x1260
[   30.126609]  handle_mm_fault+0x14c/0x310
[   30.126947]  __do_page_fault+0x28c/0x530
[   30.127282]  do_page_fault+0x32/0x270
[   30.127593]  async_page_fault+0x22/0x30
[   30.127922] RIP: 0033:0x7fe48aae39a8
[   30.128225] RSP: 002b:00007ffc21c4d928 EFLAGS: 00010206
[   30.128664] RAX: 00007fe457b73000 RBX: 000055cd4c1041a0 RCX: 00007fe457b73040
[   30.129259] RDX: 0000000000300000 RSI: 0000000000000000 RDI: 00007fe457b73000
[   30.129855] RBP: 0000000000000300 R08: 000000000000000c R09: 0000000100000000
[   30.130457] R10: 0000000000000001 R11: 0000000000000246 R12: 000055cd4c1041a0
[   30.131054] R13: 000055cd4bdfe990 R14: 000055cd4c104110 R15: 0000000000000400
[   30.131648] Code: 11 01 00 0f 84 a9 00 00 00 65 ff 0d 6d cc dd 44 e9 0f ff ff ff 40 80 cd 80 e9 99 fe ff ff 48 89 c7 e8 e7 f6 01 00 e9 b7 fe ff ff <0f> 0b 0f ff e9 40 fd ff ff 65 48 8b 04 25 80 d5 00 00 8b 40 4c
[   30.133245] RIP: __alloc_pages_nodemask+0x35e/0x430 RSP: ffffa7818222bba8
[   30.133836] ---[ end trace d4f1deb60784f40a ]---

v2: handle free path as well.

Reported-by: Laura Abbott <labbott@redhat.com>
Reported-by: Adam Williamson <awilliam@redhat.com>
Fixes: 0284f1ead8 (drm/ttm: add transparent huge page support for cached allocations v2)
Reviewed-by: Christian König <christian.koenig@amd.com>
Signed-off-by: Dave Airlie <airlied@redhat.com>
2017-11-24 11:32:05 +10:00
James Morris ce44cd8dfc Keys devel
-----BEGIN PGP SIGNATURE-----
 
 iQIVAwUAWhc/3fSw1s6N8H32AQLJxQ/9Gw5ns9bipLQ5VeXjgQjY6U39lHWD7z0e
 cz1jYsqOGvWXqoHZumK6fB0NorYZ3EEiWTVqNkpTv1p5ZIJe612G3oe5SOTn2gA5
 1X4qb/QMCr12TIv/R40mXuEsBUZZaUvxK5G7L7/Ty8a9iC+Pp3Tr009ThPvhfDMc
 RRP5MHxPghat+jwRcBjMz3ndQCkoTIlR9qichzQcndv5yywASQFxQsHEeG0tK48j
 NvicJawsr+0kZ2xqpRjRRJ/aQ+lMpI3SLsaUJBbIf6IYFs+i++OUkwAv0WYG0RZa
 xGjQBaaSmXPp48akIeModsp3SgNwBFpbTiXJR8hdGYjJNaaMNGD5HGQ539Ij+Wpf
 YHTIsdqw3xfFH/FoHMOesF/h/uMoA1NAMFAy/gGHxRRGNIk0wERHdTpdFUODIx9E
 NJk2fwBYpO+uRntgcmt9F3S9+YBzxACHYNmjvtbvUwjkr/hnl6jincTmlkmR9Fgl
 HYy+RcBb9A19wRYnZ5wDFOyk3sua7iq4ZBq0dbpYtSOtR9q4RtFw9wfsT8OoQMKz
 aBBn8AiV2ak+Qu00MFCyqj3jUoWa/8qzy6/57nWNsqoJTBMD0uI5UY4liTBGeq3g
 m02uVqtZgwjeBxUmMh8IxZDntVRZChGgvmifwOzb/BUV8oaOiy4aiQjONSdQBeP6
 j9SDBLRH/PY=
 =wuVV
 -----END PGP SIGNATURE-----

Merge tag 'keys-next-20171123' of git://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs into next-keys

Merge keys subsystem changes from David Howells, for v4.15.
2017-11-24 11:54:11 +11:00
Bjorn Helgaas fd2fa6c18b x86/PCI: Remove unused HyperTransport interrupt support
There are no in-tree callers of ht_create_irq(), the driver interface for
HyperTransport interrupts, left.  Remove the unused entry point and all the
supporting code.

See 8b955b0ddd ("[PATCH] Initial generic hypertransport interrupt
support").

Signed-off-by: Bjorn Helgaas <bhelgaas@google.com>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Acked-by: "Eric W. Biederman" <ebiederm@xmission.com>
Cc: Andi Kleen <ak@linux.intel.com>
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Cc: linux-pci@vger.kernel.org
Cc: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Link: https://lkml.kernel.org/r/20171122221337.3877.23362.stgit@bhelgaas-glaptop.roam.corp.google.com
2017-11-23 20:18:18 +01:00
Borislav Petkov e2a5dca753 x86/umip: Fix insn_get_code_seg_params()'s return value
In order to save on redundant structs definitions
insn_get_code_seg_params() was made to return two 4-bit values in a char
but clang complains:

  arch/x86/lib/insn-eval.c:780:10: warning: implicit conversion from 'int' to 'char'
	  changes value from 132 to -124 [-Wconstant-conversion]
                  return INSN_CODE_SEG_PARAMS(4, 8);
                  ~~~~~~ ^~~~~~~~~~~~~~~~~~~~~~~~~~
  ./arch/x86/include/asm/insn-eval.h:16:57: note: expanded from macro 'INSN_CODE_SEG_PARAMS'
  #define INSN_CODE_SEG_PARAMS(oper_sz, addr_sz) (oper_sz | (addr_sz << 4))

Those two values do get picked apart afterwards the opposite way of how
they were ORed so wrt to the LSByte, the return value is the same.

But this function returns -EINVAL in the error case, which is an int. So
make it return an int which is the native word size anyway and thus fix
the clang warning.

Reported-by: Kees Cook <keescook@google.com>
Reported-by: Nick Desaulniers <nick.desaulniers@gmail.com>
Signed-off-by: Borislav Petkov <bp@suse.de>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Cc: ricardo.neri-calderon@linux.intel.com
Link: https://lkml.kernel.org/r/20171123091951.1462-1-bp@alien8.de
2017-11-23 20:17:59 +01:00
Chao Fan 69550d41ff x86/boot/KASLR: Remove unused variable
There are two variables "rc" in mem_avoid_memmap. One at the top of the
function and another one inside the while() loop. Drop the outer one as it
is unused. Cleanup some whitespace damage while at it.

Signed-off-by: Chao Fan <fanc.fnst@cn.fujitsu.com>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Cc: gregkh@linuxfoundation.org
Cc: n-horiguchi@ah.jp.nec.com
Cc: keescook@chromium.org
Link: https://lkml.kernel.org/r/20171123090847.15293-1-fanc.fnst@cn.fujitsu.com
2017-11-23 20:17:59 +01:00
Kees Cook 75f1133873 genirq/matrix: Make - vs ?: Precedence explicit
Noticed with a Clang build. This improves the readability of the ?:
expression, as it has lower precedence than the - expression. Show
explicitly that - is evaluated first.

Signed-off-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Link: https://lkml.kernel.org/r/20171122205645.GA27125@beast
2017-11-23 20:09:31 +01:00
Vasyl Gomonovych 328bf1b29c irqchip/imgpdc: Use resource_size function on resource object
drivers/irqchip/irq-imgpdc.c:327:20-23: WARNING: Suspicious code.
		resource_size is maybe missing with res_regs

Generated by: scripts/coccinelle/api/resource_size.cocci

Signed-off-by: Vasyl Gomonovych <gomonovych@gmail.com>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Cc: marc.zyngier@arm.com
Cc: jason@lakedaemon.net
Link: https://lkml.kernel.org/r/1511215361-8279-1-git-send-email-gomonovych@gmail.com
2017-11-23 20:09:12 +01:00
Colin Ian King e9990d70e8 irqchip/qcom: Fix u32 comparison with value less than zero
The comparison of u32 nregs being less than zero is never true since
nregs is unsigned. Fix this by making nregs a signed integer.

Fixes: f20cc9b00c ("irqchip/qcom: Add IRQ combiner driver")
Signed-off-by: Colin Ian King <colin.king@canonical.com>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Cc: Marc Zyngier <marc.zyngier@arm.com>
Cc: kernel-janitors@vger.kernel.org
Cc: Jason Cooper <jason@lakedaemon.net>
Link: https://lkml.kernel.org/r/20171117183553.2739-1-colin.king@canonical.com
2017-11-23 20:03:58 +01:00